feat: added policy attachment to iam role module

2026-03-31 08:13:10 +08:00
parent c8eba9a6f8
commit 36036bb6f5
4 changed files with 20 additions and 14 deletions
@@ -40,14 +40,9 @@ module "CsiPodIdentity" {
      ]
    }
  )
-}
-
-# 2 policies are required for the ebs csi to work
-resource "aws_iam_role_policy_attachment" "CsiPodIdentity" {
-  for_each = toset([
+  # 2 policies are required for the ebs csi to work
+  attach-managed-policies = [
    "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess",
    "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy"
-  ])
-  role       = module.CsiPodIdentity.name
-  policy_arn = each.value
+  ]
 }